Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Michael Haubenwallner <haubi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/proj/prefix:master commit in: net-nds/openldap/files/, net-nds/openldap/
Date: Wed, 04 Jul 2018 10:01:24
Message-Id: 1530698464.7c8eedf78630843a63ef9789672916708aa9aba0.haubi@gentoo
1 commit: 7c8eedf78630843a63ef9789672916708aa9aba0
2 Author: Michael Haubenwallner <haubi <AT> gentoo <DOT> org>
3 AuthorDate: Wed Jul 4 10:01:04 2018 +0000
4 Commit: Michael Haubenwallner <haubi <AT> gentoo <DOT> org>
5 CommitDate: Wed Jul 4 10:01:04 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/proj/prefix.git/commit/?id=7c8eedf7
7
8 net-nds/openldap: re-add for stacked windows prefix
9
10 Package-Manager: Portage-2.3.24, Repoman-2.3.6
11
12 net-nds/openldap/Manifest | 2 +
13 net-nds/openldap/files/DB_CONFIG.fast.example | 25 +
14 .../files/openldap-2.2.14-perlthreadsfix.patch | 12 +
15 .../openldap/files/openldap-2.4.11-libldap_r.patch | 11 +
16 .../openldap/files/openldap-2.4.15-ppolicy.patch | 12 +
17 net-nds/openldap/files/openldap-2.4.17-gcc44.patch | 11 +
18 .../openldap/files/openldap-2.4.28-fix-dash.patch | 26 +
19 .../files/openldap-2.4.28-gnutls-gcrypt.patch | 11 +
20 net-nds/openldap/files/openldap-2.4.31-gcc47.patch | 16 +
21 .../files/openldap-2.4.35-contrib-samba4.patch | 38 +
22 .../files/openldap-2.4.35-contrib-smbk5pwd.patch | 48 ++
23 net-nds/openldap/files/openldap-2.4.40-slapd-conf | 64 ++
24 .../files/openldap-2.4.42-mdb-unbundle.patch | 136 ++++
25 ...enldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch | 109 +++
26 .../openldap/files/openldap-2.4.45-libressl.patch | 65 ++
27 .../files/openldap-2.4.6-evolution-ntlm.patch | 192 +++++
28 net-nds/openldap/files/slapd-confd-2.4.28-r1 | 26 +
29 net-nds/openldap/files/slapd-initd-2.4.40-r2 | 64 ++
30 net-nds/openldap/files/slapd.service | 12 +
31 net-nds/openldap/files/slapd.service.conf | 12 +
32 net-nds/openldap/files/slapd.tmpfilesd | 2 +
33 net-nds/openldap/metadata.xml | 20 +
34 net-nds/openldap/openldap-2.4.45.ebuild | 886 +++++++++++++++++++++
35 23 files changed, 1800 insertions(+)
36
37 diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
38 new file mode 100644
39 index 0000000000..d0a81c6ed5
40 --- /dev/null
41 +++ b/net-nds/openldap/Manifest
42 @@ -0,0 +1,2 @@
43 +DIST openldap-2.4.45.tgz 5672845 BLAKE2B e1f97553482a2e8630b62bc0f439af2484f1a2349a1a077382a124354424fe510ab55f32c073565b142d0c9318870fe31a2652268ebabd97d3afd8c833bc7aab SHA512 1c9fc84efed8998f107ce6e1c6be3f5466388241afdca0cb3847720c9def0bc263a2dbc15bf0f9112d1b4c391fd01e8531a4fb08c5532c30fb86924c08daedab
44 +DIST rfc2307bis.schema-20140524 12262 BLAKE2B 98031f49e9bde1e4821e637af3382364d8344ed7017649686a088070d96a632dffa6c661552352656b1b159c0fd962965580069a64c7f3d5bb6a3ed75f60fd99 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e
45
46 diff --git a/net-nds/openldap/files/DB_CONFIG.fast.example b/net-nds/openldap/files/DB_CONFIG.fast.example
47 new file mode 100644
48 index 0000000000..8b52062c9c
49 --- /dev/null
50 +++ b/net-nds/openldap/files/DB_CONFIG.fast.example
51 @@ -0,0 +1,25 @@
52 +# $OpenLDAP: pkg/ldap/servers/slapd/DB_CONFIG,v 1.1 2004/06/18 02:49:08 kurt Exp $
53 +# Example DB_CONFIG file for use with slapd(8) BDB/HDB databases.
54 +#
55 +# See Sleepycat Berkeley DB documentation
56 +# <http://www.sleepycat.com/docs/ref/env/db_config.html>
57 +# for detail description of DB_CONFIG syntax and semantics.
58 +#
59 +# Hints can also be found in the OpenLDAP Software FAQ
60 +# <http://www.openldap.org/faq/index.cgi?file=2>
61 +
62 +# one 0.25 GB cache
63 +set_cachesize 0 16777216 0
64 +
65 +# Data Directory
66 +#set_data_dir db
67 +
68 +# Transaction Log settings
69 +set_lg_regionmax 262144
70 +set_lg_bsize 524288
71 +#set_lg_dir logs
72 +
73 +# When using (and only when using) slapadd(8) or slapindex(8),
74 +# the following flags may be useful:
75 +#set_flags DB_TXN_NOSYNC
76 +#set_flags DB_TXN_NOT_DURABLE
77
78 diff --git a/net-nds/openldap/files/openldap-2.2.14-perlthreadsfix.patch b/net-nds/openldap/files/openldap-2.2.14-perlthreadsfix.patch
79 new file mode 100644
80 index 0000000000..ddb6672a5f
81 --- /dev/null
82 +++ b/net-nds/openldap/files/openldap-2.2.14-perlthreadsfix.patch
83 @@ -0,0 +1,12 @@
84 +diff -ur openldap-2.2.14.orig/servers/slapd/back-perl/Makefile.in openldap-2.2.14/servers/slapd/back-perl/Makefile.in
85 +--- openldap-2.2.14.orig/servers/slapd/back-perl/Makefile.in 2004-04-12 11:20:14.000000000 -0700
86 ++++ openldap-2.2.14/servers/slapd/back-perl/Makefile.in 2004-06-20 18:43:41.000000000 -0700
87 +@@ -31,7 +31,7 @@
88 +
89 + shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
90 + NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
91 +-UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
92 ++UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) `perl -MExtUtils::Embed -e ldopts`
93 +
94 + LIBBASE = back_perl
95 +
96
97 diff --git a/net-nds/openldap/files/openldap-2.4.11-libldap_r.patch b/net-nds/openldap/files/openldap-2.4.11-libldap_r.patch
98 new file mode 100644
99 index 0000000000..448249a3b5
100 --- /dev/null
101 +++ b/net-nds/openldap/files/openldap-2.4.11-libldap_r.patch
102 @@ -0,0 +1,11 @@
103 +diff -Nuar openldap-2.4.11.orig/servers/slapd/slapi/Makefile.in openldap-2.4.11/servers/slapd/slapi/Makefile.in
104 +--- openldap-2.4.11.orig/servers/slapd/slapi/Makefile.in 2008-02-11 15:26:49.000000000 -0800
105 ++++ openldap-2.4.11/servers/slapd/slapi/Makefile.in 2008-10-14 02:10:18.402799262 -0700
106 +@@ -37,6 +37,7 @@
107 + XLIBS = $(LIBRARY)
108 + XXLIBS =
109 + NT_LINK_LIBS = $(AC_LIBS)
110 ++UNIX_LINK_LIBS = ../../../libraries/libldap_r/libldap_r.la $(LTHREAD_LIBS)
111 +
112 + XINCPATH = -I$(srcdir)/.. -I$(srcdir)
113 + XDEFS = $(MODULES_CPPFLAGS)
114
115 diff --git a/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch b/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch
116 new file mode 100644
117 index 0000000000..3195ee550f
118 --- /dev/null
119 +++ b/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch
120 @@ -0,0 +1,12 @@
121 +--- openldap-2.4.15/clients/tools/common.c.orig 2009-02-05 15:05:03.000000000 -0800
122 ++++ openldap-2.4.15/clients/tools/common.c 2009-03-21 01:45:14.000000000 -0700
123 +@@ -1315,8 +1315,8 @@
124 + int nsctrls = 0;
125 +
126 + #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
127 ++ LDAPControl c;
128 + if ( ppolicy ) {
129 +- LDAPControl c;
130 + c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST;
131 + c.ldctl_value.bv_val = NULL;
132 + c.ldctl_value.bv_len = 0;
133
134 diff --git a/net-nds/openldap/files/openldap-2.4.17-gcc44.patch b/net-nds/openldap/files/openldap-2.4.17-gcc44.patch
135 new file mode 100644
136 index 0000000000..aa7fe7ac35
137 --- /dev/null
138 +++ b/net-nds/openldap/files/openldap-2.4.17-gcc44.patch
139 @@ -0,0 +1,11 @@
140 +diff -ur openldap-2.4.17.orig/contrib/ldapc++/src/SaslInteractionHandler.cpp openldap-2.4.17/contrib/ldapc++/src/SaslInteractionHandler.cpp
141 +--- openldap-2.4.17.orig/contrib/ldapc++/src/SaslInteractionHandler.cpp 2008-04-15 02:09:26.000000000 +0300
142 ++++ openldap-2.4.17/contrib/ldapc++/src/SaslInteractionHandler.cpp 2009-08-10 13:21:24.000000000 +0300
143 +@@ -13,6 +13,7 @@
144 + #include <termios.h>
145 + #endif
146 +
147 ++#include <stdio.h>
148 + #include <string.h>
149 + #include "SaslInteractionHandler.h"
150 + #include "SaslInteraction.h"
151
152 diff --git a/net-nds/openldap/files/openldap-2.4.28-fix-dash.patch b/net-nds/openldap/files/openldap-2.4.28-fix-dash.patch
153 new file mode 100644
154 index 0000000000..d15c3d2231
155 --- /dev/null
156 +++ b/net-nds/openldap/files/openldap-2.4.28-fix-dash.patch
157 @@ -0,0 +1,26 @@
158 +Our libtool needs bash to work properly.
159 +Patch unbreaks build when /bin/sh points to dash:
160 +
161 + Entering subdirectory liblber
162 + /bin/sh ../../libtool --mode=compile x86_64-pc-linux-gnu-gcc -O0 -D_GNU_SOURCE -I../../include -I../../include -I/usr/include/db4.8 -DLDAP_CONNECTIONLESS -DLBER_LIBRARY -c assert.c
163 + ../../build/mkversion -v "2.4.28" liblber.la > version.c
164 + /bin/sh ../../libtool --mode=compile x86_64-pc-linux-gnu-gcc -O0 -D_GNU_SOURCE -I../../include -I../../include -I/usr/include/db4.8 -DLDAP_CONNECTIONLESS -DLBER_LIBRARY -c decode.c
165 + eval: 1: base_compile+= x86_64-pc-linux-gnu-gcc: not found
166 + eval: 1: base_compile+= -O0: not found
167 + eval: 1: base_compile+= -D_GNU_SOURCE: not found
168 + eval: 1: base_compile+= x86_64-pc-linux-gnu-gcc: not found
169 + ...
170 + make[2]: *** [decode.lo] Error 1
171 +diff --git a/build/top.mk b/build/top.mk
172 +index 6fea488..ea324e3 100644
173 +--- a/build/top.mk
174 ++++ b/build/top.mk
175 +@@ -20,7 +20,7 @@ VERSION= @VERSION@
176 + RELEASEDATE= @OPENLDAP_RELEASE_DATE@
177 +
178 + @SET_MAKE@
179 +-SHELL = /bin/sh
180 ++SHELL = @SHELL@
181 +
182 + top_builddir = @top_builddir@
183 +
184
185 diff --git a/net-nds/openldap/files/openldap-2.4.28-gnutls-gcrypt.patch b/net-nds/openldap/files/openldap-2.4.28-gnutls-gcrypt.patch
186 new file mode 100644
187 index 0000000000..aeecb0f401
188 --- /dev/null
189 +++ b/net-nds/openldap/files/openldap-2.4.28-gnutls-gcrypt.patch
190 @@ -0,0 +1,11 @@
191 +--- openldap-2.4.28/configure.in.orig 2012-02-11 22:40:36.004360795 +0000
192 ++++ openldap-2.4.28/configure.in 2012-02-11 22:40:13.410986851 +0000
193 +@@ -1214,7 +1214,7 @@
194 + ol_with_tls=gnutls
195 + ol_link_tls=yes
196 +
197 +- TLS_LIBS="-lgnutls"
198 ++ TLS_LIBS="-lgnutls -lgcrypt"
199 +
200 + AC_DEFINE(HAVE_GNUTLS, 1,
201 + [define if you have GNUtls])
202
203 diff --git a/net-nds/openldap/files/openldap-2.4.31-gcc47.patch b/net-nds/openldap/files/openldap-2.4.31-gcc47.patch
204 new file mode 100644
205 index 0000000000..5b6af4b295
206 --- /dev/null
207 +++ b/net-nds/openldap/files/openldap-2.4.31-gcc47.patch
208 @@ -0,0 +1,16 @@
209 +Fix building with gcc-4.7
210 +
211 +https://bugs.gentoo.org/show_bug.cgi?id=420959
212 +http://www.openldap.org/its/index.cgi/Incoming?id=7304;page=16 #ITS 7304
213 +
214 +Patch written by Kacper Kowalik <xarthisius@g.o>
215 +--- a/contrib/ldapc++/src/SaslInteractionHandler.cpp
216 ++++ b/contrib/ldapc++/src/SaslInteractionHandler.cpp
217 +@@ -16,6 +16,7 @@
218 +
219 + #include <stdio.h>
220 + #include <string.h>
221 ++#include <unistd.h>
222 + #include "SaslInteractionHandler.h"
223 + #include "SaslInteraction.h"
224 + #include "debug.h"
225
226 diff --git a/net-nds/openldap/files/openldap-2.4.35-contrib-samba4.patch b/net-nds/openldap/files/openldap-2.4.35-contrib-samba4.patch
227 new file mode 100644
228 index 0000000000..4312dc7c55
229 --- /dev/null
230 +++ b/net-nds/openldap/files/openldap-2.4.35-contrib-samba4.patch
231 @@ -0,0 +1,38 @@
232 +diff -Nuar openldap-2.4.35.orig/contrib/slapd-modules/samba4/Makefile openldap-2.4.35/contrib/slapd-modules/samba4/Makefile
233 +--- openldap-2.4.35.orig/contrib/slapd-modules/samba4/Makefile 2013-03-28 15:41:51.000000000 +0000
234 ++++ openldap-2.4.35/contrib/slapd-modules/samba4/Makefile 2013-04-16 02:16:40.651868432 +0000
235 +@@ -20,7 +20,8 @@
236 +
237 + LIBTOOL = $(LDAP_BUILD)/libtool
238 + CC = gcc
239 +-OPT = -g -O2 -Wall
240 ++#OPT = -g -O2 -Wall
241 ++OPT = -Wall
242 + DEFS = -DSLAPD_OVER_RDNVAL=SLAPD_MOD_DYNAMIC \
243 + -DSLAPD_OVER_PGUID=SLAPD_MOD_DYNAMIC \
244 + -DSLAPD_OVER_VERNUM=SLAPD_MOD_DYNAMIC
245 +@@ -41,20 +42,20 @@
246 + .SUFFIXES: .c .o .lo
247 +
248 + .c.lo:
249 +- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
250 ++ $(LIBTOOL) --mode=compile $(CC) $(OPT) $(CFLAGS) $(DEFS) $(INCS) -c $<
251 +
252 + all: $(PROGRAMS)
253 +
254 + pguid.la: pguid.lo
255 +- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
256 ++ $(LIBTOOL) --mode=link $(CC) $(OPT) $(CFLAGS) -version-info $(LTVER) \
257 + -rpath $(moduledir) -module -o $@ $? $(LIBS)
258 +
259 + rdnval.la: rdnval.lo
260 +- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
261 ++ $(LIBTOOL) --mode=link $(CC) $(OPT) $(CFLAGS) -version-info $(LTVER) \
262 + -rpath $(moduledir) -module -o $@ $? $(LIBS)
263 +
264 + vernum.la: vernum.lo
265 +- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
266 ++ $(LIBTOOL) --mode=link $(CC) $(OPT) $(CFLAGS) -version-info $(LTVER) \
267 + -rpath $(moduledir) -module -o $@ $? $(LIBS)
268 +
269 + clean:
270
271 diff --git a/net-nds/openldap/files/openldap-2.4.35-contrib-smbk5pwd.patch b/net-nds/openldap/files/openldap-2.4.35-contrib-smbk5pwd.patch
272 new file mode 100644
273 index 0000000000..4383802a0e
274 --- /dev/null
275 +++ b/net-nds/openldap/files/openldap-2.4.35-contrib-smbk5pwd.patch
276 @@ -0,0 +1,48 @@
277 +diff -Nuar openldap-2.4.35.orig/contrib/slapd-modules/smbk5pwd/Makefile openldap-2.4.35/contrib/slapd-modules/smbk5pwd/Makefile
278 +--- openldap-2.4.35.orig/contrib/slapd-modules/smbk5pwd/Makefile 2013-03-28 15:41:51.000000000 +0000
279 ++++ openldap-2.4.35/contrib/slapd-modules/smbk5pwd/Makefile 2013-04-16 02:13:38.939913119 +0000
280 +@@ -21,16 +21,23 @@
281 + SSL_INC =
282 + SSL_LIB = -lcrypto
283 +
284 +-HEIMDAL_INC = -I/usr/heimdal/include
285 +-HEIMDAL_LIB = -L/usr/heimdal/lib -lkrb5 -lkadm5srv
286 ++#HEIMDAL_INC = -I/usr/heimdal/include
287 ++#HEIMDAL_LIB = -L/usr/heimdal/lib -lkrb5 -lkadm5srv
288 ++KRB5_INC = $(HEIMDAL_INC)
289 ++KRB5_LIB = $(HEIMDAL_LIB) -lkrb5 -lkadm5srv
290 +
291 + LIBTOOL = $(LDAP_BUILD)/libtool
292 + CC = gcc
293 +-OPT = -g -O2 -Wall
294 ++#OPT = -g -O2 -Wall
295 ++OPT = -Wall
296 + # Omit DO_KRB5, DO_SAMBA or DO_SHADOW if you don't want to support it.
297 +-DEFS = -DDO_KRB5 -DDO_SAMBA -DDO_SHADOW
298 +-INCS = $(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)
299 +-LIBS = $(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
300 ++#DEFS = -DDO_KRB5 -DDO_SAMBA -DDO_SHADOW
301 ++INCS = $(LDAP_INC) $(KRB5_INC) $(SSL_INC)
302 ++ifneq (DDO_KRB5,$(findstring DDO_KRB5,$(DEFS)))
303 ++ LIBS=$(LDAP_LIB) $(SSL_LIB)
304 ++else
305 ++ LIBS=$(LDAP_LIB) $(KRB5_LIB) $(SSL_LIB)
306 ++endif
307 +
308 + PROGRAMS = smbk5pwd.la
309 + LTVER = 0:0:0
310 +@@ -46,12 +53,12 @@
311 + .SUFFIXES: .c .o .lo
312 +
313 + .c.lo:
314 +- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
315 ++ $(LIBTOOL) --mode=compile $(CC) $(OPT) $(CFLAGS) $(DEFS) $(INCS) -c $<
316 +
317 + all: $(PROGRAMS)
318 +
319 + smbk5pwd.la: smbk5pwd.lo
320 +- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
321 ++ $(LIBTOOL) --mode=link $(CC) $(OPT) $(CFLAGS) -version-info $(LTVER) \
322 + -rpath $(moduledir) -module -o $@ $? $(LIBS)
323 +
324 + clean:
325
326 diff --git a/net-nds/openldap/files/openldap-2.4.40-slapd-conf b/net-nds/openldap/files/openldap-2.4.40-slapd-conf
327 new file mode 100644
328 index 0000000000..8ecc732b96
329 --- /dev/null
330 +++ b/net-nds/openldap/files/openldap-2.4.40-slapd-conf
331 @@ -0,0 +1,64 @@
332 +#
333 +# See slapd.conf(5) for details on configuration options.
334 +# This file should NOT be world readable.
335 +#
336 +include /etc/openldap/schema/core.schema
337 +
338 +# Define global ACLs to disable default read access.
339 +
340 +# Do not enable referrals until AFTER you have a working directory
341 +# service AND an understanding of referrals.
342 +#referral ldap://root.openldap.org
343 +
344 +pidfile /run/openldap/slapd.pid
345 +argsfile /run/openldap/slapd.args
346 +
347 +# Load dynamic backend modules:
348 +###INSERTDYNAMICMODULESHERE###
349 +
350 +# Sample security restrictions
351 +# Require integrity protection (prevent hijacking)
352 +# Require 112-bit (3DES or better) encryption for updates
353 +# Require 63-bit encryption for simple bind
354 +# security ssf=1 update_ssf=112 simple_bind=64
355 +
356 +# Sample access control policy:
357 +# Root DSE: allow anyone to read it
358 +# Subschema (sub)entry DSE: allow anyone to read it
359 +# Other DSEs:
360 +# Allow self write access
361 +# Allow authenticated users read access
362 +# Allow anonymous users to authenticate
363 +# Directives needed to implement policy:
364 +# access to dn.base="" by * read
365 +# access to dn.base="cn=Subschema" by * read
366 +# access to *
367 +# by self write
368 +# by users read
369 +# by anonymous auth
370 +#
371 +# if no access controls are present, the default policy
372 +# allows anyone and everyone to read anything but restricts
373 +# updates to rootdn. (e.g., "access to * by * read")
374 +#
375 +# rootdn can always read and write EVERYTHING!
376 +
377 +#######################################################################
378 +# BDB database definitions
379 +#######################################################################
380 +
381 +database hdb
382 +suffix "dc=my-domain,dc=com"
383 +# <kbyte> <min>
384 +checkpoint 32 30
385 +rootdn "cn=Manager,dc=my-domain,dc=com"
386 +# Cleartext passwords, especially for the rootdn, should
387 +# be avoid. See slappasswd(8) and slapd.conf(5) for details.
388 +# Use of strong authentication encouraged.
389 +rootpw secret
390 +# The database directory MUST exist prior to running slapd AND
391 +# should only be accessible by the slapd and slap tools.
392 +# Mode 700 recommended.
393 +directory /var/lib/openldap-data
394 +# Indices to maintain
395 +index objectClass eq
396
397 diff --git a/net-nds/openldap/files/openldap-2.4.42-mdb-unbundle.patch b/net-nds/openldap/files/openldap-2.4.42-mdb-unbundle.patch
398 new file mode 100644
399 index 0000000000..9265a01701
400 --- /dev/null
401 +++ b/net-nds/openldap/files/openldap-2.4.42-mdb-unbundle.patch
402 @@ -0,0 +1,136 @@
403 +--- ./build/top.mk.orig 2014-10-24 14:34:59.260827298 +0200
404 ++++ ./build/top.mk 2014-10-24 14:35:25.281168893 +0200
405 +@@ -160,6 +160,7 @@
406 + LTHREAD_LIBS = @LTHREAD_LIBS@
407 +
408 + BDB_LIBS = @BDB_LIBS@
409 ++MDB_LIBS = @MDB_LIBS@
410 + SLAPD_NDB_LIBS = @SLAPD_NDB_LIBS@
411 +
412 + LDAP_LIBLBER_LA = $(LDAP_LIBDIR)/liblber/liblber.la
413 +--- ./build/openldap.m4.orig 2014-10-24 10:52:02.837221734 +0200
414 ++++ ./build/openldap.m4 2014-10-24 11:31:02.748087966 +0200
415 +@@ -563,6 +563,38 @@
416 + ], [ol_cv_bdb_compat=yes], [ol_cv_bdb_compat=no])])
417 + ])
418 +
419 ++dnl --------------------------------------------------------------------
420 ++dnl Check for version compatility with back-mdb
421 ++AC_DEFUN([OL_MDB_COMPAT],
422 ++[AC_CACHE_CHECK([if LMDB version supported by MDB backends], [ol_cv_mdb_compat],[
423 ++ AC_EGREP_CPP(__mdb_version_compat,[
424 ++#include <lmdb.h>
425 ++
426 ++/* require 0.9.14 or later */
427 ++#if MDB_VERSION_FULL >= 0x00000009000E
428 ++ __mdb_version_compat
429 ++#endif
430 ++ ], [ol_cv_mdb_compat=yes], [ol_cv_mdb_compat=no])])
431 ++])
432 ++
433 ++dnl
434 ++dnl --------------------------------------------------------------------
435 ++dnl Find any MDB
436 ++AC_DEFUN([OL_MDB],
437 ++[ol_cv_mdb=no
438 ++AC_CHECK_HEADERS(lmdb.h)
439 ++if test $ac_cv_header_lmdb_h = yes; then
440 ++ OL_MDB_COMPAT
441 ++
442 ++ if test $ol_cv_mdb_compat != yes ; then
443 ++ AC_MSG_ERROR([LMDB version incompatible with MDB backends])
444 ++ fi
445 ++
446 ++ ol_cv_lib_mdb=-llmdb
447 ++ ol_cv_mdb=yes
448 ++fi
449 ++])
450 ++
451 + dnl
452 + dnl ====================================================================
453 + dnl Check POSIX Thread version
454 +--- ./servers/slapd/back-mdb/Makefile.in.orig 2014-10-24 10:31:30.860931076 +0200
455 ++++ ./servers/slapd/back-mdb/Makefile.in 2014-10-24 14:33:33.803705424 +0200
456 +@@ -25,11 +25,10 @@
457 + extended.lo operational.lo \
458 + attr.lo index.lo key.lo filterindex.lo \
459 + dn2entry.lo dn2id.lo id2entry.lo idl.lo \
460 +- nextid.lo monitor.lo mdb.lo midl.lo
461 ++ nextid.lo monitor.lo
462 +
463 + LDAP_INCDIR= ../../../include
464 + LDAP_LIBDIR= ../../../libraries
465 +-MDB_SUBDIR = $(srcdir)/$(LDAP_LIBDIR)/liblmdb
466 +
467 + BUILD_OPT = "--enable-mdb"
468 + BUILD_MOD = @BUILD_MDB@
469 +@@ -44,7 +43,7 @@
470 +
471 + LIBBASE = back_mdb
472 +
473 +-XINCPATH = -I.. -I$(srcdir)/.. -I$(MDB_SUBDIR)
474 ++XINCPATH = -I.. -I$(srcdir)/..
475 + XDEFS = $(MODULES_CPPFLAGS)
476 +
477 + all-local-lib: ../.backend
478 +@@ -52,11 +51,5 @@
479 + ../.backend: lib$(LIBBASE).a
480 + @touch $@
481 +
482 +-mdb.lo: $(MDB_SUBDIR)/mdb.c
483 +- $(LTCOMPILE_MOD) $(MDB_SUBDIR)/mdb.c
484 +-
485 +-midl.lo: $(MDB_SUBDIR)/midl.c
486 +- $(LTCOMPILE_MOD) $(MDB_SUBDIR)/midl.c
487 +-
488 + veryclean-local-lib: FORCE
489 + $(RM) $(XXHEADERS) $(XXSRCS) .links
490 +--- ./configure.in.orig 2014-10-24 10:46:53.289139847 +0200
491 ++++ ./configure.in 2014-10-24 10:51:34.372846374 +0200
492 +@@ -519,6 +519,7 @@
493 + dnl Initialize vars
494 + LDAP_LIBS=
495 + BDB_LIBS=
496 ++MDB_LIBS=
497 + SLAPD_NDB_LIBS=
498 + SLAPD_NDB_INCS=
499 + LTHREAD_LIBS=
500 +@@ -1905,6 +1906,30 @@
501 + fi
502 +
503 + dnl ----------------------------------------------------------------
504 ++ol_link_mdb=no
505 ++
506 ++if test $ol_enable_mdb != no; then
507 ++ OL_MDB
508 ++
509 ++ if test $ol_cv_mdb = no ; then
510 ++ AC_MSG_ERROR(MDB: LMDB not available)
511 ++ fi
512 ++
513 ++ AC_DEFINE(HAVE_MDB,1,
514 ++ [define this if LMDB is available])
515 ++
516 ++ dnl $ol_cv_lib_mdb should be yes or -llmdb
517 ++ dnl (it could be no, but that would be an error
518 ++ if test $ol_cv_lib_mdb != yes ; then
519 ++ MDB_LIBS="$MDB_LIBS $ol_cv_lib_mdb"
520 ++ fi
521 ++
522 ++ SLAPD_LIBS="$SLAPD_LIBS \$(MDB_LIBS)"
523 ++
524 ++ ol_link_mdb=yes
525 ++fi
526 ++
527 ++dnl ----------------------------------------------------------------
528 +
529 + if test $ol_enable_dynamic = yes && test $enable_shared = yes ; then
530 + BUILD_LIBS_DYNAMIC=shared
531 +@@ -3133,6 +3158,7 @@
532 + AC_SUBST(LDAP_LIBS)
533 + AC_SUBST(SLAPD_LIBS)
534 + AC_SUBST(BDB_LIBS)
535 ++AC_SUBST(MDB_LIBS)
536 + AC_SUBST(SLAPD_NDB_LIBS)
537 + AC_SUBST(SLAPD_NDB_INCS)
538 + AC_SUBST(LTHREAD_LIBS)
539
540 diff --git a/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch
541 new file mode 100644
542 index 0000000000..29688fcb14
543 --- /dev/null
544 +++ b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch
545 @@ -0,0 +1,109 @@
546 +If GnuTLS is used, the lmpasswd module for USE=samba does not compile.
547 +Forward-port an old Debian patch that upstream never applied.
548 +
549 +Signed-off-by: Robin H. Johnson <robbat2@g.o>
550 +Signed-off-by: Steffen Hau <steffen@×××××××.de>
551 +X-Gentoo-Bug: http://bugs.gentoo.org/show_bug.cgi?id=233633
552 +X-Upstream-Bug: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=4997
553 +X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341
554 +
555 +--- openldap-2.4.17.orig/libraries/liblutil/passwd.c 2009-07-27 18:59:19.635995474 -0700
556 ++++ openldap-2.4.17/libraries/liblutil/passwd.c 2009-07-27 19:01:13.588069010 -0700
557 +@@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8];
558 + typedef PK11Context *des_context[1];
559 + #define DES_ENCRYPT CKA_ENCRYPT
560 +
561 ++#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
562 ++# include <gcrypt.h>
563 ++static int gcrypt_init = 0;
564 ++
565 ++typedef const void* des_key;
566 ++typedef unsigned char DES_cblock[8];
567 ++typedef DES_cblock des_data_block;
568 ++typedef int DES_key_schedule; /* unused */
569 ++typedef DES_key_schedule des_context; /* unused */
570 ++#define des_failed(encrypted) 0
571 ++#define des_finish(key, schedule)
572 ++
573 ++#define DES_set_key_unchecked( key, key_sched ) \
574 ++ gcry_cipher_setkey( hd, key, 8 )
575 ++
576 ++#define DES_ecb_encrypt( input, output, key_sched, enc ) \
577 ++ gcry_cipher_encrypt( hd, *output, 8, *input, 8 )
578 ++
579 ++#define DES_set_odd_parity( key ) do {} while(0)
580 ++
581 + #endif
582 +
583 + #endif /* SLAPD_LMHASH */
584 +@@ -651,7 +671,7 @@ static int chk_md5(
585 +
586 + #ifdef SLAPD_LMHASH
587 +
588 +-#if defined(HAVE_OPENSSL)
589 ++#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS_GNUTLS_H)
590 +
591 + /*
592 + * abstract away setting the parity.
593 +@@ -841,6 +861,19 @@ static int chk_lanman(
594 + des_data_block StdText = "KGS!@#$%";
595 + des_data_block PasswordHash1, PasswordHash2;
596 + char PasswordHash[33], storedPasswordHash[33];
597 ++
598 ++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
599 ++ gcry_cipher_hd_t hd;
600 ++
601 ++ if ( !gcrypt_init ) {
602 ++ gcry_check_version( GCRYPT_VERSION );
603 ++ gcrypt_init = 1;
604 ++ }
605 ++
606 ++ schedule = schedule; /* unused - avoid warning */
607 ++
608 ++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
609 ++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
610 +
611 + for( i=0; i<cred->bv_len; i++) {
612 + if(cred->bv_val[i] == '\0') {
613 +@@ -883,6 +916,10 @@ static int chk_lanman(
614 + strncpy( storedPasswordHash, passwd->bv_val, 32 );
615 + storedPasswordHash[32] = '\0';
616 + ldap_pvt_str2lower( storedPasswordHash );
617 ++
618 ++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
619 ++ gcry_cipher_close( hd );
620 ++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
621 +
622 + return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
623 + }
624 +@@ -1138,6 +1175,19 @@ static int hash_lanman(
625 + des_data_block PasswordHash1, PasswordHash2;
626 + char PasswordHash[33];
627 +
628 ++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
629 ++ gcry_cipher_hd_t hd;
630 ++
631 ++ if ( !gcrypt_init ) {
632 ++ gcry_check_version( GCRYPT_VERSION );
633 ++ gcrypt_init = 1;
634 ++ }
635 ++
636 ++ schedule = schedule; /* unused - avoid warning */
637 ++
638 ++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
639 ++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
640 ++
641 + for( i=0; i<passwd->bv_len; i++) {
642 + if(passwd->bv_val[i] == '\0') {
643 + return LUTIL_PASSWD_ERR; /* NUL character in password */
644 +@@ -1168,6 +1218,10 @@ static int hash_lanman(
645 +
646 + hash->bv_val = PasswordHash;
647 + hash->bv_len = 32;
648 ++
649 ++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
650 ++ gcry_cipher_close( hd );
651 ++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
652 +
653 + return pw_string( scheme, hash );
654 + }
655
656 diff --git a/net-nds/openldap/files/openldap-2.4.45-libressl.patch b/net-nds/openldap/files/openldap-2.4.45-libressl.patch
657 new file mode 100644
658 index 0000000000..20a65a4e0f
659 --- /dev/null
660 +++ b/net-nds/openldap/files/openldap-2.4.45-libressl.patch
661 @@ -0,0 +1,65 @@
662 +--- libraries/libldap/tls_o.c.orig 2017-06-04 16:31:28 UTC
663 ++++ libraries/libldap/tls_o.c
664 +@@ -47,7 +47,7 @@
665 + #include <ssl.h>
666 + #endif
667 +
668 +-#if OPENSSL_VERSION_NUMBER >= 0x10100000
669 ++#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
670 + #define ASN1_STRING_data(x) ASN1_STRING_get0_data(x)
671 + #endif
672 +
673 +@@ -157,7 +157,7 @@ tlso_init( void )
674 + (void) tlso_seed_PRNG( lo->ldo_tls_randfile );
675 + #endif
676 +
677 +-#if OPENSSL_VERSION_NUMBER < 0x10100000
678 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
679 + SSL_load_error_strings();
680 + SSL_library_init();
681 + OpenSSL_add_all_digests();
682 +@@ -205,7 +205,7 @@ static void
683 + tlso_ctx_ref( tls_ctx *ctx )
684 + {
685 + tlso_ctx *c = (tlso_ctx *)ctx;
686 +-#if OPENSSL_VERSION_NUMBER < 0x10100000
687 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
688 + #define SSL_CTX_up_ref(ctx) CRYPTO_add( &(ctx->references), 1, CRYPTO_LOCK_SSL_CTX )
689 + #endif
690 + SSL_CTX_up_ref( c );
691 +@@ -464,7 +464,7 @@ tlso_session_my_dn( tls_session *sess, struct berval *
692 + if (!x) return LDAP_INVALID_CREDENTIALS;
693 +
694 + xn = X509_get_subject_name(x);
695 +-#if OPENSSL_VERSION_NUMBER < 0x10100000
696 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
697 + der_dn->bv_len = i2d_X509_NAME( xn, NULL );
698 + der_dn->bv_val = xn->bytes->data;
699 + #else
700 +@@ -500,7 +500,7 @@ tlso_session_peer_dn( tls_session *sess, struct berval
701 + return LDAP_INVALID_CREDENTIALS;
702 +
703 + xn = X509_get_subject_name(x);
704 +-#if OPENSSL_VERSION_NUMBER < 0x10100000
705 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
706 + der_dn->bv_len = i2d_X509_NAME( xn, NULL );
707 + der_dn->bv_val = xn->bytes->data;
708 + #else
709 +@@ -721,7 +721,7 @@ struct tls_data {
710 + Sockbuf_IO_Desc *sbiod;
711 + };
712 +
713 +-#if OPENSSL_VERSION_NUMBER < 0x10100000
714 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
715 + #define BIO_set_init(b, x) b->init = x
716 + #define BIO_set_data(b, x) b->ptr = x
717 + #define BIO_clear_flags(b, x) b->flags &= ~(x)
718 +@@ -822,7 +822,7 @@ tlso_bio_puts( BIO *b, const char *str )
719 + return tlso_bio_write( b, str, strlen( str ) );
720 + }
721 +
722 +-#if OPENSSL_VERSION_NUMBER >= 0x10100000
723 ++#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
724 + struct bio_method_st {
725 + int type;
726 + const char *name;
727
728 diff --git a/net-nds/openldap/files/openldap-2.4.6-evolution-ntlm.patch b/net-nds/openldap/files/openldap-2.4.6-evolution-ntlm.patch
729 new file mode 100644
730 index 0000000000..33ff29e0ae
731 --- /dev/null
732 +++ b/net-nds/openldap/files/openldap-2.4.6-evolution-ntlm.patch
733 @@ -0,0 +1,192 @@
734 +diff -up evo-openldap-2.4.14/include/ldap.h.evolution-ntlm evo-openldap-2.4.14/include/ldap.h
735 +--- evo-openldap-2.4.14/include/ldap.h.evolution-ntlm 2009-01-27 00:29:53.000000000 +0100
736 ++++ evo-openldap-2.4.14/include/ldap.h 2009-02-17 10:10:00.000000000 +0100
737 +@@ -2461,5 +2461,26 @@ ldap_parse_deref_control LDAP_P((
738 + LDAPControl **ctrls,
739 + LDAPDerefRes **drp ));
740 +
741 ++/*
742 ++ * hacks for NTLM
743 ++ */
744 ++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
745 ++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
746 ++LDAP_F( int )
747 ++ldap_ntlm_bind LDAP_P((
748 ++ LDAP *ld,
749 ++ LDAP_CONST char *dn,
750 ++ ber_tag_t tag,
751 ++ struct berval *cred,
752 ++ LDAPControl **sctrls,
753 ++ LDAPControl **cctrls,
754 ++ int *msgidp ));
755 ++LDAP_F( int )
756 ++ldap_parse_ntlm_bind_result LDAP_P((
757 ++ LDAP *ld,
758 ++ LDAPMessage *res,
759 ++ struct berval *challenge));
760 ++
761 ++
762 + LDAP_END_DECL
763 + #endif /* _LDAP_H */
764 +diff -up evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm evo-openldap-2.4.14/libraries/libldap/Makefile.in
765 +--- evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm 2009-01-27 00:29:53.000000000 +0100
766 ++++ evo-openldap-2.4.14/libraries/libldap/Makefile.in 2009-02-17 10:10:00.000000000 +0100
767 +@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest ur
768 + SRCS = bind.c open.c result.c error.c compare.c search.c \
769 + controls.c messages.c references.c extended.c cyrus.c \
770 + modify.c add.c modrdn.c delete.c abandon.c \
771 +- sasl.c gssapi.c sbind.c unbind.c cancel.c \
772 ++ sasl.c ntlm.c gssapi.c sbind.c unbind.c cancel.c \
773 + filter.c free.c sort.c passwd.c whoami.c \
774 + getdn.c getentry.c getattr.c getvalues.c addentry.c \
775 + request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \
776 +@@ -33,7 +33,7 @@ SRCS = bind.c open.c result.c error.c co
777 + OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
778 + controls.lo messages.lo references.lo extended.lo cyrus.lo \
779 + modify.lo add.lo modrdn.lo delete.lo abandon.lo \
780 +- sasl.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
781 ++ sasl.lo ntlm.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
782 + filter.lo free.lo sort.lo passwd.lo whoami.lo \
783 + getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
784 + request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \
785 +diff -up /dev/null evo-openldap-2.4.14/libraries/libldap/ntlm.c
786 +--- /dev/null 2009-02-17 09:19:52.829004420 +0100
787 ++++ evo-openldap-2.4.14/libraries/libldap/ntlm.c 2009-02-17 10:10:00.000000000 +0100
788 +@@ -0,0 +1,137 @@
789 ++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
790 ++/*
791 ++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
792 ++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
793 ++ */
794 ++
795 ++/* Mostly copied from sasl.c */
796 ++
797 ++#include "portable.h"
798 ++
799 ++#include <stdlib.h>
800 ++#include <stdio.h>
801 ++
802 ++#include <ac/socket.h>
803 ++#include <ac/string.h>
804 ++#include <ac/time.h>
805 ++#include <ac/errno.h>
806 ++
807 ++#include "ldap-int.h"
808 ++
809 ++int
810 ++ldap_ntlm_bind(
811 ++ LDAP *ld,
812 ++ LDAP_CONST char *dn,
813 ++ ber_tag_t tag,
814 ++ struct berval *cred,
815 ++ LDAPControl **sctrls,
816 ++ LDAPControl **cctrls,
817 ++ int *msgidp )
818 ++{
819 ++ BerElement *ber;
820 ++ int rc;
821 ++ ber_int_t id;
822 ++
823 ++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
824 ++
825 ++ assert( ld != NULL );
826 ++ assert( LDAP_VALID( ld ) );
827 ++ assert( msgidp != NULL );
828 ++
829 ++ if( msgidp == NULL ) {
830 ++ ld->ld_errno = LDAP_PARAM_ERROR;
831 ++ return ld->ld_errno;
832 ++ }
833 ++
834 ++ /* create a message to send */
835 ++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
836 ++ ld->ld_errno = LDAP_NO_MEMORY;
837 ++ return ld->ld_errno;
838 ++ }
839 ++
840 ++ assert( LBER_VALID( ber ) );
841 ++
842 ++ LDAP_NEXT_MSGID( ld, id );
843 ++ rc = ber_printf( ber, "{it{istON}" /*}*/,
844 ++ id, LDAP_REQ_BIND,
845 ++ ld->ld_version, dn, tag,
846 ++ cred );
847 ++
848 ++ /* Put Server Controls */
849 ++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
850 ++ ber_free( ber, 1 );
851 ++ return ld->ld_errno;
852 ++ }
853 ++
854 ++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
855 ++ ld->ld_errno = LDAP_ENCODING_ERROR;
856 ++ ber_free( ber, 1 );
857 ++ return ld->ld_errno;
858 ++ }
859 ++
860 ++ /* send the message */
861 ++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
862 ++
863 ++ if(*msgidp < 0)
864 ++ return ld->ld_errno;
865 ++
866 ++ return LDAP_SUCCESS;
867 ++}
868 ++
869 ++int
870 ++ldap_parse_ntlm_bind_result(
871 ++ LDAP *ld,
872 ++ LDAPMessage *res,
873 ++ struct berval *challenge)
874 ++{
875 ++ ber_int_t errcode;
876 ++ ber_tag_t tag;
877 ++ BerElement *ber;
878 ++ ber_len_t len;
879 ++
880 ++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
881 ++
882 ++ assert( ld != NULL );
883 ++ assert( LDAP_VALID( ld ) );
884 ++ assert( res != NULL );
885 ++
886 ++ if ( ld == NULL || res == NULL ) {
887 ++ return LDAP_PARAM_ERROR;
888 ++ }
889 ++
890 ++ if( res->lm_msgtype != LDAP_RES_BIND ) {
891 ++ ld->ld_errno = LDAP_PARAM_ERROR;
892 ++ return ld->ld_errno;
893 ++ }
894 ++
895 ++ if ( ld->ld_error ) {
896 ++ LDAP_FREE( ld->ld_error );
897 ++ ld->ld_error = NULL;
898 ++ }
899 ++ if ( ld->ld_matched ) {
900 ++ LDAP_FREE( ld->ld_matched );
901 ++ ld->ld_matched = NULL;
902 ++ }
903 ++
904 ++ /* parse results */
905 ++
906 ++ ber = ber_dup( res->lm_ber );
907 ++
908 ++ if( ber == NULL ) {
909 ++ ld->ld_errno = LDAP_NO_MEMORY;
910 ++ return ld->ld_errno;
911 ++ }
912 ++
913 ++ tag = ber_scanf( ber, "{ioa" /*}*/,
914 ++ &errcode, challenge, &ld->ld_error );
915 ++ ber_free( ber, 0 );
916 ++
917 ++ if( tag == LBER_ERROR ) {
918 ++ ld->ld_errno = LDAP_DECODING_ERROR;
919 ++ return ld->ld_errno;
920 ++ }
921 ++
922 ++ ld->ld_errno = errcode;
923 ++
924 ++ return( ld->ld_errno );
925 ++}
926
927 diff --git a/net-nds/openldap/files/slapd-confd-2.4.28-r1 b/net-nds/openldap/files/slapd-confd-2.4.28-r1
928 new file mode 100644
929 index 0000000000..ef19899a37
930 --- /dev/null
931 +++ b/net-nds/openldap/files/slapd-confd-2.4.28-r1
932 @@ -0,0 +1,26 @@
933 +# conf.d file for openldap
934 +#
935 +# To enable both the standard unciphered server and the ssl encrypted
936 +# one uncomment this line or set any other server starting options
937 +# you may desire.
938 +
939 +# If you have multiple slapd instances per #376699, this will provide a default config
940 +INSTANCE="openldap${SVCNAME#slapd}"
941 +
942 +# If you use the classical configuration file:
943 +OPTS_CONF="-f /etc/${INSTANCE}/slapd.conf"
944 +# Uncomment this instead to use the new slapd.d configuration directory for openldap 2.3
945 +#OPTS_CONF="-F /etc/${INSTANCE}/slapd.d"
946 +# (the OPTS_CONF variable is also passed to slaptest during startup)
947 +
948 +OPTS="${OPTS_CONF} -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'"
949 +# Optional connectionless LDAP:
950 +#OPTS="${OPTS_CONF} -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock cldap://'"
951 +
952 +# If you change the above listen statement to bind on a specific IP for
953 +# listening, you should ensure that interface is up here (change eth0 as
954 +# needed).
955 +#rc_need="net.eth0"
956 +
957 +# Specify the kerberos keytab file
958 +#KRB5_KTNAME=/etc/openldap/krb5-ldap.keytab
959
960 diff --git a/net-nds/openldap/files/slapd-initd-2.4.40-r2 b/net-nds/openldap/files/slapd-initd-2.4.40-r2
961 new file mode 100644
962 index 0000000000..9c4e6818da
963 --- /dev/null
964 +++ b/net-nds/openldap/files/slapd-initd-2.4.40-r2
965 @@ -0,0 +1,64 @@
966 +#!/sbin/openrc-run
967 +# Copyright 1999-2018 Gentoo Foundation
968 +# Distributed under the terms of the GNU General Public License v2
969 +
970 +extra_commands="checkconfig"
971 +
972 +[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}"
973 +PIDDIR=/run/openldap
974 +PIDFILE=$PIDDIR/$SVCNAME.pid
975 +
976 +depend() {
977 + need net
978 + before dbus hald avahi-daemon
979 + provide ldap
980 +}
981 +
982 +start() {
983 + checkpath -q -d ${PIDDIR} -o ldap:ldap
984 + if ! checkconfig -Q ; then
985 + eerror "There is a problem with your slapd.conf!"
986 + return 1
987 + fi
988 + ebegin "Starting ldap-server"
989 + [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME
990 + eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
991 + eend $?
992 +}
993 +
994 +stop() {
995 + ebegin "Stopping ldap-server"
996 + start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE}
997 + eend $?
998 +}
999 +
1000 +checkconfig() {
1001 + # checks requested by bug #502948
1002 + # Step 1: extract the last valid config file or config dir
1003 + set -- $OPTS
1004 + while [ -n "$*" ]; do
1005 + opt=$1 ; shift
1006 + if [ "$opt" = "-f" -o "$opt" = "-F" ] ; then
1007 + CONF=$1
1008 + shift
1009 + fi
1010 + done
1011 + set --
1012 + # Fallback
1013 + CONF=${CONF-/etc/openldap/slapd.conf}
1014 + [ -d $CONF ] && CONF=${CONF}/*
1015 + DBDIRS=`eval awk '"/^(directory|olcDbDirectory:)/{print \\$2}"' $CONF`
1016 + for d in $DBDIRS; do
1017 + if [ ! -d $d ]; then
1018 + eerror "Directory $d in config does not exist!"
1019 + return 1
1020 + fi
1021 + /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq .
1022 + if [ $? -ne 0 ]; then
1023 + ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!"
1024 + fi
1025 + [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal"
1026 + done
1027 + # now test the config fully
1028 + /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
1029 +}
1030
1031 diff --git a/net-nds/openldap/files/slapd.service b/net-nds/openldap/files/slapd.service
1032 new file mode 100644
1033 index 0000000000..3427b87e93
1034 --- /dev/null
1035 +++ b/net-nds/openldap/files/slapd.service
1036 @@ -0,0 +1,12 @@
1037 +[Unit]
1038 +Description=OpenLDAP Server Daemon
1039 +After=network.target
1040 +
1041 +[Service]
1042 +Type=forking
1043 +PIDFile=/run/openldap/slapd.pid
1044 +ExecStartPre=/usr/sbin/slaptest -Q -u $SLAPD_OPTIONS
1045 +ExecStart=/usr/lib/openldap/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS
1046 +
1047 +[Install]
1048 +WantedBy=multi-user.target
1049
1050 diff --git a/net-nds/openldap/files/slapd.service.conf b/net-nds/openldap/files/slapd.service.conf
1051 new file mode 100644
1052 index 0000000000..812ea68ed4
1053 --- /dev/null
1054 +++ b/net-nds/openldap/files/slapd.service.conf
1055 @@ -0,0 +1,12 @@
1056 +[Service]
1057 +# Use the classical configuration file:
1058 +#Environment="SLAPD_OPTIONS=-f /etc/openldap/slapd.conf"
1059 +# Use the slapd configuration directory:
1060 +#Environment="SLAPD_OPTIONS=-F /etc/openldap/slapd.d"
1061 +
1062 +Environment="SLAPD_URLS=ldaps:/// ldap:/// ldapi:///"
1063 +# Other examples:
1064 +#Environment="SLAPD_URLS=ldap://127.0.0.1/ ldap://10.0.0.1:1389/ cldap:///"
1065 +
1066 +# Specify the kerberos keytab file
1067 +#Environment=KRB5_KTNAME=/etc/openldap/krb5-ldap.keytab
1068
1069 diff --git a/net-nds/openldap/files/slapd.tmpfilesd b/net-nds/openldap/files/slapd.tmpfilesd
1070 new file mode 100644
1071 index 0000000000..634cea1642
1072 --- /dev/null
1073 +++ b/net-nds/openldap/files/slapd.tmpfilesd
1074 @@ -0,0 +1,2 @@
1075 +# openldap runtime directory for slapd.arg and slapd.pid
1076 +d /run/openldap 0755 ldap ldap -
1077
1078 diff --git a/net-nds/openldap/metadata.xml b/net-nds/openldap/metadata.xml
1079 new file mode 100644
1080 index 0000000000..6cea2f2e32
1081 --- /dev/null
1082 +++ b/net-nds/openldap/metadata.xml
1083 @@ -0,0 +1,20 @@
1084 +<?xml version="1.0" encoding="UTF-8"?>
1085 +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
1086 +<pkgmetadata>
1087 + <maintainer type="project">
1088 + <email>ldap-bugs@g.o</email>
1089 + </maintainer>
1090 + <use>
1091 + <flag name="experimental">Enable experimental backend options</flag>
1092 + <flag name="kinit">Enable support for kerberos init</flag>
1093 + <flag name="odbc">Enable ODBC and SQL backend options</flag>
1094 + <flag name="overlays">Enable contributed OpenLDAP overlays</flag>
1095 + <flag name="smbkrb5passwd">Enable overlay for syncing ldap, unix and lanman passwords</flag>
1096 + <flag name="minimal">Build libraries &amp; userspace tools only. Does not install any server code</flag>
1097 + <flag name="pbkdf2">Enable support for pbkdf2 passwords</flag>
1098 + <flag name="sha2">Enable support for pw-sha2 password hashes</flag>
1099 + </use>
1100 + <upstream>
1101 + <remote-id type="cpe">cpe:/a:openldap:openldap</remote-id>
1102 + </upstream>
1103 +</pkgmetadata>
1104
1105 diff --git a/net-nds/openldap/openldap-2.4.45.ebuild b/net-nds/openldap/openldap-2.4.45.ebuild
1106 new file mode 100644
1107 index 0000000000..e6bf0b44ed
1108 --- /dev/null
1109 +++ b/net-nds/openldap/openldap-2.4.45.ebuild
1110 @@ -0,0 +1,886 @@
1111 +# Copyright 1999-2018 Gentoo Foundation
1112 +# Distributed under the terms of the GNU General Public License v2
1113 +
1114 +EAPI="5"
1115 +
1116 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
1117 +
1118 +BIS_PN=rfc2307bis.schema
1119 +BIS_PV=20140524
1120 +BIS_P="${BIS_PN}-${BIS_PV}"
1121 +
1122 +DESCRIPTION="LDAP suite of application and development tools"
1123 +HOMEPAGE="http://www.OpenLDAP.org/"
1124 +
1125 +# mirrors are mostly not working, using canonical URI
1126 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
1127 + mirror://gentoo/${BIS_P}"
1128 +
1129 +LICENSE="OPENLDAP GPL-2"
1130 +SLOT="0"
1131 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-solaris ~x86-winnt"
1132 +
1133 +IUSE_DAEMON="crypt samba slp tcpd experimental minimal"
1134 +IUSE_BACKEND="+berkdb"
1135 +IUSE_OVERLAY="overlays perl"
1136 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs"
1137 +IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2"
1138 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
1139 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
1140 +
1141 +REQUIRED_USE="cxx? ( sasl )
1142 + ?? ( gnutls libressl )
1143 + pbkdf2? ( ssl )"
1144 +
1145 +# always list newer first
1146 +# Do not add any AGPL-3 BDB here!
1147 +# See bug 525110, comment 15.
1148 +# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build.
1149 +BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}"
1150 +BDB_PKGS=''
1151 +for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
1152 +
1153 +# openssl is needed to generate lanman-passwords required by samba
1154 +CDEPEND="
1155 + ssl? (
1156 + !gnutls? (
1157 + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
1158 + )
1159 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
1160 + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
1161 + >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
1162 + sasl? ( dev-libs/cyrus-sasl:= )
1163 + !minimal? (
1164 + sys-devel/libtool
1165 + sys-libs/e2fsprogs-libs
1166 + >=dev-db/lmdb-0.9.18:=
1167 + tcpd? ( sys-apps/tcp-wrappers )
1168 + odbc? ( !iodbc? ( dev-db/unixODBC )
1169 + iodbc? ( dev-db/libiodbc ) )
1170 + slp? ( net-libs/openslp )
1171 + perl? ( dev-lang/perl:=[-build(-)] )
1172 + samba? (
1173 + !libressl? ( dev-libs/openssl:0= )
1174 + libressl? ( dev-libs/libressl )
1175 + )
1176 + berkdb? (
1177 + <sys-libs/db-6.0:=
1178 + || ( ${BDB_PKGS} )
1179 + )
1180 + smbkrb5passwd? (
1181 + !libressl? ( dev-libs/openssl:0= )
1182 + libressl? ( dev-libs/libressl )
1183 + kerberos? ( app-crypt/heimdal )
1184 + )
1185 + kerberos? (
1186 + virtual/krb5
1187 + kinit? ( !app-crypt/heimdal )
1188 + )
1189 + cxx? ( dev-libs/cyrus-sasl:= )
1190 + )"
1191 +DEPEND="${CDEPEND}
1192 + sys-apps/groff"
1193 +RDEPEND="${CDEPEND}
1194 + selinux? ( sec-policy/selinux-ldap )
1195 +"
1196 +# for tracking versions
1197 +OPENLDAP_VERSIONTAG=".version-tag"
1198 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
1199 +
1200 +MULTILIB_WRAPPED_HEADERS=(
1201 + # USE=cxx
1202 + /usr/include/LDAPAsynConnection.h
1203 + /usr/include/LDAPAttrType.h
1204 + /usr/include/LDAPAttribute.h
1205 + /usr/include/LDAPAttributeList.h
1206 + /usr/include/LDAPConnection.h
1207 + /usr/include/LDAPConstraints.h
1208 + /usr/include/LDAPControl.h
1209 + /usr/include/LDAPControlSet.h
1210 + /usr/include/LDAPEntry.h
1211 + /usr/include/LDAPEntryList.h
1212 + /usr/include/LDAPException.h
1213 + /usr/include/LDAPExtResult.h
1214 + /usr/include/LDAPMessage.h
1215 + /usr/include/LDAPMessageQueue.h
1216 + /usr/include/LDAPModList.h
1217 + /usr/include/LDAPModification.h
1218 + /usr/include/LDAPObjClass.h
1219 + /usr/include/LDAPRebind.h
1220 + /usr/include/LDAPRebindAuth.h
1221 + /usr/include/LDAPReferenceList.h
1222 + /usr/include/LDAPResult.h
1223 + /usr/include/LDAPSaslBindResult.h
1224 + /usr/include/LDAPSchema.h
1225 + /usr/include/LDAPSearchReference.h
1226 + /usr/include/LDAPSearchResult.h
1227 + /usr/include/LDAPSearchResults.h
1228 + /usr/include/LDAPUrl.h
1229 + /usr/include/LDAPUrlList.h
1230 + /usr/include/LdifReader.h
1231 + /usr/include/LdifWriter.h
1232 + /usr/include/SaslInteraction.h
1233 + /usr/include/SaslInteractionHandler.h
1234 + /usr/include/StringList.h
1235 + /usr/include/TlsOptions.h
1236 +)
1237 +
1238 +openldap_filecount() {
1239 + local dir="$1"
1240 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
1241 +}
1242 +
1243 +openldap_find_versiontags() {
1244 + # scan for all datadirs
1245 + openldap_datadirs=""
1246 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
1247 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
1248 + fi
1249 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
1250 +
1251 + einfo
1252 + einfo "Scanning datadir(s) from slapd.conf and"
1253 + einfo "the default installdir for Versiontags"
1254 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
1255 + einfo
1256 +
1257 + # scan datadirs if we have a version tag
1258 + openldap_found_tag=0
1259 + have_files=0
1260 + for each in ${openldap_datadirs}; do
1261 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
1262 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
1263 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
1264 + einfo "- Checking ${each}..."
1265 + if [ -r ${CURRENT_TAG} ] ; then
1266 + # yey, we have one :)
1267 + einfo " Found Versiontag in ${each}"
1268 + source ${CURRENT_TAG}
1269 + if [ "${OLDPF}" == "" ] ; then
1270 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
1271 + eerror "Please delete it"
1272 + eerror
1273 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
1274 + fi
1275 +
1276 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
1277 +
1278 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
1279 +
1280 + # are we on the same branch?
1281 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
1282 + ewarn " Versiontag doesn't match current major release!"
1283 + if [[ "${have_files}" == "1" ]] ; then
1284 + eerror " Versiontag says other major and you (probably) have datafiles!"
1285 + echo
1286 + openldap_upgrade_howto
1287 + else
1288 + einfo " No real problem, seems there's no database."
1289 + fi
1290 + else
1291 + einfo " Versiontag is fine here :)"
1292 + fi
1293 + else
1294 + einfo " Non-tagged dir ${each}"
1295 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
1296 + if [[ "${have_files}" == "1" ]] ; then
1297 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
1298 + echo
1299 +
1300 + eerror
1301 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
1302 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
1303 + eerror
1304 + eerror "Please export data if any entered and empty or remove"
1305 + eerror "the directory, installation has been stopped so you"
1306 + eerror "can take required action"
1307 + eerror
1308 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
1309 + eerror
1310 + openldap_upgrade_howto
1311 + die "Please move the datadir ${CURRENT_TAGDIR} away"
1312 + fi
1313 + fi
1314 + einfo
1315 + fi
1316 + done
1317 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
1318 +
1319 + # Now we must check for the major version of sys-libs/db linked against.
1320 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
1321 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
1322 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
1323 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
1324 + if use berkdb; then
1325 + # find which one would be used
1326 + for bdb_slot in $BDB_SLOTS ; do
1327 + NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
1328 + [[ -n "$NEWVER" ]] && break
1329 + done
1330 + fi
1331 + local fail=0
1332 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
1333 + :
1334 + # Nothing wrong here.
1335 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
1336 + eerror " Your existing version of OpenLDAP was not built against"
1337 + eerror " any version of sys-libs/db, but the new one will build"
1338 + eerror " against ${NEWVER} and your database may be inaccessible."
1339 + echo
1340 + fail=1
1341 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
1342 + eerror " Your existing version of OpenLDAP was built against"
1343 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
1344 + eerror " built against any version and your database may be"
1345 + eerror " inaccessible."
1346 + echo
1347 + fail=1
1348 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
1349 + eerror " Your existing version of OpenLDAP was built against"
1350 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
1351 + eerror " ${NEWVER} and your database would be inaccessible."
1352 + echo
1353 + fail=1
1354 + fi
1355 + [ "${fail}" == "1" ] && openldap_upgrade_howto
1356 + fi
1357 +
1358 + echo
1359 + einfo
1360 + einfo "All datadirs are fine, proceeding with merge now..."
1361 + einfo
1362 +}
1363 +
1364 +openldap_upgrade_howto() {
1365 + eerror
1366 + eerror "A (possible old) installation of OpenLDAP was detected,"
1367 + eerror "installation will not proceed for now."
1368 + eerror
1369 + eerror "As major version upgrades can corrupt your database,"
1370 + eerror "you need to dump your database and re-create it afterwards."
1371 + eerror
1372 + eerror "Additionally, rebuilding against different major versions of the"
1373 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
1374 + eerror ""
1375 + d="$(date -u +%s)"
1376 + l="/root/ldapdump.${d}"
1377 + i="${l}.raw"
1378 + eerror " 1. /etc/init.d/slapd stop"
1379 + eerror " 2. slapcat -l ${i}"
1380 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
1381 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
1382 + eerror " 5. emerge --update \=net-nds/${PF}"
1383 + eerror " 6. etc-update, and ensure that you apply the changes"
1384 + eerror " 7. slapadd -l ${l}"
1385 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
1386 + eerror " 9. /etc/init.d/slapd start"
1387 + eerror "10. check that your data is intact."
1388 + eerror "11. set up the new replication system."
1389 + eerror
1390 + if [ "${FORCE_UPGRADE}" != "1" ]; then
1391 + die "You need to upgrade your database first"
1392 + else
1393 + eerror "You have the magical FORCE_UPGRADE=1 in place."
1394 + eerror "Don't say you weren't warned about data loss."
1395 + fi
1396 +}
1397 +
1398 +pkg_setup() {
1399 + if ! use sasl && use cxx ; then
1400 + die "To build the ldapc++ library you must emerge openldap with sasl support"
1401 + fi
1402 + # Bug #322787
1403 + if use minimal && ! has_version "net-nds/openldap" ; then
1404 + einfo "No datadir scan needed, openldap not installed"
1405 + elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
1406 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
1407 + else
1408 + openldap_find_versiontags
1409 + fi
1410 +
1411 + # The user/group are only used for running daemons which are
1412 + # disabled in minimal builds, so elide the accounts too.
1413 + if ! use minimal ; then
1414 + enewgroup ldap 439
1415 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
1416 + fi
1417 +}
1418 +
1419 +src_prepare() {
1420 + # ensure correct SLAPI path by default
1421 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
1422 + "${S}"/include/ldap_defaults.h
1423 +
1424 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
1425 +
1426 + epatch \
1427 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
1428 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
1429 +
1430 + # bug #116045 - still present in 2.4.28
1431 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
1432 + # bug #408077 - samba4
1433 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
1434 +
1435 + # bug #189817
1436 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
1437 +
1438 + # bug #233633
1439 + epatch "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
1440 +
1441 + # bug #281495
1442 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
1443 +
1444 + # bug #294350
1445 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
1446 +
1447 + # unbreak /bin/sh -> dash
1448 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
1449 +
1450 + # bug #420959
1451 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
1452 +
1453 + # bug #622464
1454 + epatch "${FILESDIR}"/${PN}-2.4.45-libressl.patch
1455 +
1456 + # unbundle lmdb
1457 + epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
1458 + rm -rf "${S}"/libraries/liblmdb
1459 +
1460 + epatch_user
1461 +
1462 + cd "${S}"/build || die
1463 + einfo "Making sure upstream build strip does not do stripping too early"
1464 + sed -i.orig \
1465 + -e '/^STRIP/s,-s,,g' \
1466 + top.mk || die "Failed to block stripping"
1467 +
1468 + # wrong assumption that /bin/sh is /bin/bash
1469 + sed -i \
1470 + -e 's|/bin/sh|/bin/bash|g' \
1471 + "${S}"/tests/scripts/* || die "sed failed"
1472 +
1473 + sed -i \
1474 + -e 's/^\twindres/\t$(RC)/' \
1475 + "${S}"/libraries/liblutil/Makefile.in || die
1476 +
1477 + cd "${S}" || die
1478 +
1479 + AT_NOEAUTOMAKE=yes eautoreconf
1480 +}
1481 +
1482 +build_contrib_module() {
1483 + # <dir> <sources> <outputname>
1484 + cd "${S}/contrib/slapd-modules/$1" || die
1485 + einfo "Compiling contrib-module: $3"
1486 + # Make sure it's uppercase
1487 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
1488 + "${lt}" --mode=compile --tag=CC \
1489 + "${CC}" \
1490 + -D${define_name}=SLAPD_MOD_DYNAMIC \
1491 + -I"${BUILD_DIR}"/include \
1492 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
1493 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
1494 + einfo "Linking contrib-module: $3"
1495 + "${lt}" --mode=link --tag=CC \
1496 + "${CC}" -module \
1497 + ${CFLAGS} \
1498 + ${LDFLAGS} \
1499 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1500 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
1501 +}
1502 +
1503 +src_configure() {
1504 + # Bug 408001
1505 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
1506 +
1507 + # connectionless ldap per bug #342439
1508 + append-cppflags -DLDAP_CONNECTIONLESS
1509 +
1510 + multilib-minimal_src_configure
1511 +}
1512 +
1513 +multilib_src_configure() {
1514 + local myconf=()
1515 +
1516 + use debug && myconf+=( $(use_enable debug) )
1517 +
1518 + # ICU exists only in the configure, nowhere in the codebase, bug #510858
1519 + export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no
1520 +
1521 + if ! use minimal && multilib_is_native_abi; then
1522 + local CPPFLAGS=${CPPFLAGS}
1523 +
1524 + # re-enable serverside overlay chains per bug #296567
1525 + # see ldap docs chaper 12.3.1 for details
1526 + myconf+=( --enable-ldap )
1527 +
1528 + # backends
1529 + myconf+=( --enable-slapd )
1530 + if use berkdb ; then
1531 + einfo "Using Berkeley DB for local backend"
1532 + myconf+=( --enable-bdb --enable-hdb )
1533 + DBINCLUDE=$(db_includedir $BDB_SLOTS)
1534 + einfo "Using $DBINCLUDE for sys-libs/db version"
1535 + # We need to include the slotted db.h dir for FreeBSD
1536 + append-cppflags -I${DBINCLUDE}
1537 + else
1538 + myconf+=( --disable-bdb --disable-hdb )
1539 + fi
1540 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
1541 + myconf+=( --enable-${backend}=mod )
1542 + done
1543 +
1544 + myconf+=( $(use_enable perl perl mod) )
1545 +
1546 + myconf+=( $(use_enable odbc sql mod) )
1547 + if use odbc ; then
1548 + local odbc_lib="unixodbc"
1549 + if use iodbc ; then
1550 + odbc_lib="iodbc"
1551 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
1552 + fi
1553 + myconf+=( --with-odbc=${odbc_lib} )
1554 + fi
1555 +
1556 + # slapd options
1557 + myconf+=(
1558 + $(use_enable crypt)
1559 + $(use_enable slp)
1560 + $(use_enable samba lmpasswd)
1561 + $(use_enable syslog)
1562 + )
1563 + if use experimental ; then
1564 + myconf+=(
1565 + --enable-dynacl
1566 + --enable-aci=mod
1567 + )
1568 + fi
1569 + for option in aci cleartext modules rewrite rlookups slapi; do
1570 + myconf+=( --enable-${option} )
1571 + done
1572 +
1573 + # slapd overlay options
1574 + # Compile-in the syncprov, the others as module
1575 + myconf+=( --enable-syncprov=yes )
1576 + use overlays && myconf+=( --enable-overlays=mod )
1577 +
1578 + else
1579 + myconf+=(
1580 + --disable-backends
1581 + --disable-slapd
1582 + --disable-bdb
1583 + --disable-hdb
1584 + --disable-mdb
1585 + --disable-overlays
1586 + --disable-syslog
1587 + )
1588 + fi
1589 +
1590 + # basic functionality stuff
1591 + myconf+=(
1592 + $(use_enable ipv6)
1593 + $(multilib_native_use_with sasl cyrus-sasl)
1594 + $(multilib_native_use_enable sasl spasswd)
1595 + $(use_enable tcpd wrappers)
1596 + # kernel_Winnt: Cygwin provides AF_LOCAL, Winnt&Mingw do not
1597 + --enable-local=$(usex kernel_Winnt auto yes)
1598 + )
1599 +
1600 + # Some cross-compiling tests don't pan out well.
1601 + tc-is-cross-compiler && myconf+=(
1602 + --with-yielding-select=yes
1603 + )
1604 +
1605 + local ssl_lib="no"
1606 + if use ssl || ( ! use minimal && use samba ) ; then
1607 + ssl_lib="openssl"
1608 + use gnutls && ssl_lib="gnutls"
1609 + fi
1610 +
1611 + myconf+=( --with-tls=${ssl_lib} )
1612 +
1613 + for basicflag in dynamic proctitle shared; do
1614 + myconf+=( --enable-${basicflag} )
1615 + done
1616 +
1617 + tc-export AR CC CXX RC
1618 + ECONF_SOURCE=${S} \
1619 + STRIP=/bin/true \
1620 + econf \
1621 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
1622 + $(use_enable static-libs static) \
1623 + "${myconf[@]}"
1624 + emake depend
1625 +}
1626 +
1627 +src_configure_cxx() {
1628 + # This needs the libraries built by the first build run.
1629 + # So we have to run it AFTER the main build, not just after the main
1630 + # configure.
1631 + local myconf_ldapcpp=(
1632 + --with-ldap-includes="${S}"/include
1633 + )
1634 +
1635 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
1636 + cd "${BUILD_DIR}/contrib/ldapc++" || die
1637 +
1638 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
1639 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
1640 + -L"${BUILD_DIR}"/libraries/libldap/.libs
1641 + append-cppflags -I"${BUILD_DIR}"/include
1642 + ECONF_SOURCE=${S}/contrib/ldapc++ \
1643 + econf "${myconf_ldapcpp[@]}" \
1644 + CC="${CC}" \
1645 + CXX="${CXX}"
1646 +}
1647 +
1648 +multilib_src_compile() {
1649 + tc-export AR CC CXX RC
1650 + emake CC="${CC}" AR="${AR}" SHELL="${BASH}"
1651 + local lt="${BUILD_DIR}/libtool"
1652 + export echo="echo"
1653 +
1654 + if ! use minimal && multilib_is_native_abi ; then
1655 + if use cxx ; then
1656 + einfo "Building contrib library: ldapc++"
1657 + src_configure_cxx
1658 + cd "${BUILD_DIR}/contrib/ldapc++" || die
1659 + emake \
1660 + CC="${CC}" CXX="${CXX}"
1661 + fi
1662 +
1663 + if use smbkrb5passwd ; then
1664 + einfo "Building contrib-module: smbk5pwd"
1665 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
1666 +
1667 + MY_DEFS="-DDO_SHADOW"
1668 + if use samba ; then
1669 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
1670 + MY_KRB5_INC=""
1671 + fi
1672 + if use kerberos ; then
1673 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
1674 + MY_KRB5_INC="$(krb5-config --cflags)"
1675 + fi
1676 +
1677 + emake \
1678 + DEFS="${MY_DEFS}" \
1679 + KRB5_INC="${MY_KRB5_INC}" \
1680 + LDAP_BUILD="${BUILD_DIR}" \
1681 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
1682 + fi
1683 +
1684 + if use overlays ; then
1685 + einfo "Building contrib-module: samba4"
1686 + cd "${S}/contrib/slapd-modules/samba4" || die
1687 +
1688 + emake \
1689 + LDAP_BUILD="${BUILD_DIR}" \
1690 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
1691 + fi
1692 +
1693 + if use kerberos ; then
1694 + if use kinit ; then
1695 + build_contrib_module "kinit" "kinit.c" "kinit"
1696 + fi
1697 + cd "${S}/contrib/slapd-modules/passwd" || die
1698 + einfo "Compiling contrib-module: pw-kerberos"
1699 + "${lt}" --mode=compile --tag=CC \
1700 + "${CC}" \
1701 + -I"${BUILD_DIR}"/include \
1702 + -I../../../include \
1703 + ${CFLAGS} \
1704 + $(krb5-config --cflags) \
1705 + -DHAVE_KRB5 \
1706 + -o kerberos.lo \
1707 + -c kerberos.c || die "compiling pw-kerberos failed"
1708 + einfo "Linking contrib-module: pw-kerberos"
1709 + "${lt}" --mode=link --tag=CC \
1710 + "${CC}" -module \
1711 + ${CFLAGS} \
1712 + ${LDFLAGS} \
1713 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1714 + -o pw-kerberos.la \
1715 + kerberos.lo || die "linking pw-kerberos failed"
1716 + fi
1717 +
1718 + if use pbkdf2; then
1719 + cd "${S}/contrib/slapd-modules/passwd/pbkdf2" || die
1720 + einfo "Compiling contrib-module: pw-pbkdf2"
1721 + "${lt}" --mode=compile --tag=CC \
1722 + "${CC}" \
1723 + -I"${BUILD_DIR}"/include \
1724 + -I../../../../include \
1725 + ${CFLAGS} \
1726 + -o pbkdf2.lo \
1727 + -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed"
1728 + einfo "Linking contrib-module: pw-pbkdf2"
1729 + "${lt}" --mode=link --tag=CC \
1730 + "${CC}" -module \
1731 + ${CFLAGS} \
1732 + ${LDFLAGS} \
1733 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1734 + -o pw-pbkdf2.la \
1735 + pbkdf2.lo || die "linking pw-pbkdf2 failed"
1736 + fi
1737 +
1738 + if use sha2 ; then
1739 + cd "${S}/contrib/slapd-modules/passwd/sha2" || die
1740 + einfo "Compiling contrib-module: pw-sha2"
1741 + "${lt}" --mode=compile --tag=CC \
1742 + "${CC}" \
1743 + -I"${BUILD_DIR}"/include \
1744 + -I../../../../include \
1745 + ${CFLAGS} \
1746 + -o sha2.lo \
1747 + -c sha2.c || die "compiling pw-sha2 failed"
1748 + "${lt}" --mode=compile --tag=CC \
1749 + "${CC}" \
1750 + -I"${BUILD_DIR}"/include \
1751 + -I../../../../include \
1752 + ${CFLAGS} \
1753 + -o slapd-sha2.lo \
1754 + -c slapd-sha2.c || die "compiling pw-sha2 failed"
1755 + einfo "Linking contrib-module: pw-sha2"
1756 + "${lt}" --mode=link --tag=CC \
1757 + "${CC}" -module \
1758 + ${CFLAGS} \
1759 + ${LDFLAGS} \
1760 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1761 + -o pw-sha2.la \
1762 + sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed"
1763 + fi
1764 +
1765 + # We could build pw-radius if GNURadius would install radlib.h
1766 + cd "${S}/contrib/slapd-modules/passwd" || die
1767 + einfo "Compiling contrib-module: pw-netscape"
1768 + "${lt}" --mode=compile --tag=CC \
1769 + "${CC}" \
1770 + -I"${BUILD_DIR}"/include \
1771 + -I../../../include \
1772 + ${CFLAGS} \
1773 + -o netscape.lo \
1774 + -c netscape.c || die "compiling pw-netscape failed"
1775 + einfo "Linking contrib-module: pw-netscape"
1776 + "${lt}" --mode=link --tag=CC \
1777 + "${CC}" -module \
1778 + ${CFLAGS} \
1779 + ${LDFLAGS} \
1780 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1781 + -o pw-netscape.la \
1782 + netscape.lo || die "linking pw-netscape failed"
1783 +
1784 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
1785 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
1786 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
1787 + build_contrib_module "allop" "allop.c" "overlay-allop"
1788 + build_contrib_module "allowed" "allowed.c" "allowed"
1789 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
1790 + build_contrib_module "cloak" "cloak.c" "cloak"
1791 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
1792 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
1793 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
1794 + build_contrib_module "dupent" "dupent.c" "dupent"
1795 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
1796 + # lastmod may not play well with other overlays
1797 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
1798 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
1799 + build_contrib_module "nops" "nops.c" "nops-overlay"
1800 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
1801 + build_contrib_module "trace" "trace.c" "trace"
1802 + # build slapi-plugins
1803 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
1804 + einfo "Building contrib-module: addrdnvalues plugin"
1805 + "${CC}" -shared \
1806 + -I"${BUILD_DIR}"/include \
1807 + -I../../../include \
1808 + ${CFLAGS} \
1809 + -fPIC \
1810 + ${LDFLAGS} \
1811 + -o libaddrdnvalues-plugin.so \
1812 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
1813 +
1814 + fi
1815 +}
1816 +
1817 +multilib_src_test() {
1818 + if multilib_is_native_abi; then
1819 + cd tests || die
1820 + emake tests || die "make tests failed"
1821 + fi
1822 +}
1823 +
1824 +multilib_src_install() {
1825 + local lt="${BUILD_DIR}/libtool"
1826 + emake DESTDIR="${D}" SHELL="${BASH}" install
1827 +
1828 + if ! use minimal && multilib_is_native_abi; then
1829 + # openldap modules go here
1830 + # TODO: write some code to populate slapd.conf with moduleload statements
1831 + keepdir /usr/$(get_libdir)/openldap/openldap/
1832 +
1833 + # initial data storage dir
1834 + keepdir /var/lib/openldap-data
1835 + use prefix || fowners ldap:ldap /var/lib/openldap-data
1836 + fperms 0700 /var/lib/openldap-data
1837 +
1838 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1839 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1840 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1841 +
1842 + # use our config
1843 + rm "${ED}"etc/openldap/slapd.conf
1844 + insinto /etc/openldap
1845 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
1846 + configfile="${ED}"etc/openldap/slapd.conf
1847 +
1848 + # populate with built backends
1849 + ebegin "populate config with built backends"
1850 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
1851 + einfo "Adding $(basename ${x})"
1852 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
1853 + done
1854 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
1855 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
1856 + fperms 0640 /etc/openldap/slapd.conf
1857 + cp "${configfile}" "${configfile}".default
1858 + eend
1859 +
1860 + # install our own init scripts and systemd unit files
1861 + einfo "Install init scripts"
1862 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die
1863 + doinitd "${T}"/slapd
1864 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
1865 +
1866 + einfo "Install systemd service"
1867 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die
1868 + systemd_dounit "${T}"/slapd.service
1869 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
1870 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
1871 +
1872 + # If built without SLP, we don't need to be before avahi
1873 + use slp \
1874 + || sed -i \
1875 + -e '/before/{s/avahi-daemon//g}' \
1876 + "${ED}"etc/init.d/slapd
1877 +
1878 + if use cxx ; then
1879 + einfo "Install the ldapc++ library"
1880 + cd "${BUILD_DIR}/contrib/ldapc++" || die
1881 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
1882 + cd "${S}"/contrib/ldapc++ || die
1883 + newdoc README ldapc++-README
1884 + fi
1885 +
1886 + if use smbkrb5passwd ; then
1887 + einfo "Install the smbk5pwd module"
1888 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
1889 + emake DESTDIR="${D}" \
1890 + LDAP_BUILD="${BUILD_DIR}" \
1891 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
1892 + newdoc README smbk5pwd-README
1893 + fi
1894 +
1895 + if use overlays ; then
1896 + einfo "Install the samba4 module"
1897 + cd "${S}/contrib/slapd-modules/samba4" || die
1898 + emake DESTDIR="${D}" \
1899 + LDAP_BUILD="${BUILD_DIR}" \
1900 + libexecdir="/usr/$(get_libdir)/openldap" install
1901 + newdoc README samba4-README
1902 + fi
1903 +
1904 + einfo "Installing contrib modules"
1905 + cd "${S}/contrib/slapd-modules" || die
1906 + for l in */*.la */*/*.la; do
1907 + [[ -e ${l} ]] || continue
1908 + "${lt}" --mode=install cp ${l} \
1909 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
1910 + die "installing ${l} failed"
1911 + done
1912 +
1913 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
1914 + docinto contrib
1915 + doman */*.5
1916 + #newdoc acl/README*
1917 + newdoc addpartial/README addpartial-README
1918 + newdoc allop/README allop-README
1919 + newdoc allowed/README allowed-README
1920 + newdoc autogroup/README autogroup-README
1921 + newdoc dsaschema/README dsaschema-README
1922 + newdoc passwd/README passwd-README
1923 + cd "${S}/contrib/slapi-plugins" || die
1924 + insinto /usr/$(get_libdir)/openldap/openldap
1925 + doins */*.so
1926 + docinto contrib
1927 + newdoc addrdnvalues/README addrdnvalues-README
1928 +
1929 + insinto /etc/openldap/schema
1930 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
1931 +
1932 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
1933 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
1934 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
1935 +
1936 + dosbin "${S}"/contrib/slapd-tools/statslog
1937 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
1938 + fi
1939 +
1940 + use static-libs || prune_libtool_files --all
1941 +}
1942 +
1943 +multilib_src_install_all() {
1944 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
1945 + docinto rfc ; dodoc doc/rfc/*.txt
1946 +}
1947 +
1948 +pkg_preinst() {
1949 + # keep old libs if any
1950 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
1951 + # bug 440470, only display the getting started help there was no openldap before,
1952 + # or we are going to a non-minimal build
1953 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
1954 + OPENLDAP_PRINT_MESSAGES=$((! $?))
1955 +}
1956 +
1957 +pkg_postinst() {
1958 + if ! use minimal ; then
1959 + # You cannot build SSL certificates during src_install that will make
1960 + # binary packages containing your SSL key, which is both a security risk
1961 + # and a misconfiguration if multiple machines use the same key and cert.
1962 + if use ssl; then
1963 + install_cert /etc/openldap/ssl/ldap
1964 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
1965 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
1966 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
1967 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
1968 + fi
1969 +
1970 + if use prefix; then
1971 + # Warn about prefix issues with slapd
1972 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
1973 + eerror "to start up, and requires that certain files directories be owned by"
1974 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
1975 + eerror "directories, you will have to manually fix this yourself."
1976 + fi
1977 +
1978 + # These lines force the permissions of various content to be correct
1979 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
1980 + chmod 0755 "${EROOT}"var/run/openldap
1981 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
1982 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
1983 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
1984 + fi
1985 +
1986 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
1987 + elog "Getting started using OpenLDAP? There is some documentation available:"
1988 + elog "Gentoo Guide to OpenLDAP Authentication"
1989 + elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)"
1990 + elog "---"
1991 + elog "An example file for tuning BDB backends with openldap is"
1992 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
1993 + fi
1994 +
1995 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
1996 +}
Report Message
Find on MARC Find on Google Groups